RSS 4 projects tagged "Information Security"

No download No website Updated 15 Apr 2013 Nova: Network Anti-Reconnaissance Tool

Screenshot
Pop 92.70
Vit 1.96

Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.

No download Website Updated 25 Mar 2014 MASTIFF

Screenshot
Pop 62.57
Vit 1.53

MASTIFF is a static analysis framework which automates the process of extracting key characteristics from a number of different file formats. To ensure the framework remains flexible and extensible, a community-driven set of plugins is used to perform file analysis and data extraction. While originally designed to support malware, intrusion, and forensic analysis, the framework is well-suited to support a broader range of analytic needs. In a nutshell, MASTIFF allows analysts to focus on analysis rather than figuring out how to parse files.

No download No website Updated 07 Dec 2010 MyDLP

Screenshot
Pop 32.22
Vit 35.14

MyDLP provides a way to prevent data leakage through data transmission including Web, email, removable devices, printers, screenshots, and other channels. It is open, easy, reliable, and takes only 30 minutes to set up.

No download No website Updated 12 Jan 2013 ARP Neighbor Cache Fingerprinter

Screenshot
Pop 15.03
Vit 21.63

ARP Neighbor Cache Fingerprinter is a tool that provides a mechanism for remote operating system detection by extrapolating characteristics of the target system's underlying neighbor cache and general ARP behavior. Given the non-existence of any standard specification for how the neighbor cache should behave, several differences in network stack implementations can be used for unique identification. The main disadvantage of this tool versus traditional fingerprinting is that because it's based on a Layer 2 protocol instead of a Layer 3 protocol, the target machine that is being tested must reside on the same Ethernet broadcast domain (usually the same physical network).

Screenshot

Project Spotlight

Terrier

A probabilistic Java toolkit for building search engines.

Screenshot

Project Spotlight

BakAndImgCD

A LiveCD for data backup and disk imaging.